com.netflix.eureka

Class RateLimitingFilter

java.lang.Object

com.netflix.eureka.RateLimitingFilter

All Implemented Interfaces:

javax.servlet.Filter

public class RateLimitingFilter
extends java.lang.Object
implements javax.servlet.Filter

Rate limiting filter, with configurable threshold above which non-privileged clients will be dropped. This feature enables cutting off non-standard and potentially harmful clients in case of system overload. Since it is critical to always allow client registrations and heartbeats into the system, which at the same time are relatively cheap operations, the rate limiting is applied only to full and delta registry fetches. Furthermore, since delta fetches are much smaller than full fetches, and if not served my result in following full registry fetch from the client, they have relatively higher priority. This is implemented by two parallel rate limiters, one for overall number of full/delta fetches (higher threshold) and one for full fetches only (low threshold).

The client is identified by AbstractEurekaIdentity.AUTH_NAME_HEADER_KEY HTTP header value. The privileged group by default contains:

• EurekaClientIdentity.DEFAULT_CLIENT_NAME - standard Java eureka-client. Applications using this client automatically belong to the privileged group.
• EurekaServerIdentity.DEFAULT_SERVER_NAME - connections from peer Eureka servers (internal only, traffic replication)

It is possible to turn off privileged client filtering via EurekaServerConfig.isRateLimiterThrottleStandardClients() property.

Rate limiting is not enabled by default, but can be turned on via configuration. Even when disabled, the throttling statistics are still counted, although on a separate counter, so it is possible to measure the impact of this feature before activation.

Rate limiter implementation is based on token bucket algorithm. There are two configurable parameters:

• burst size - maximum number of requests allowed into the system as a burst
• average rate - expected number of requests per second

Constructor Summary

Constructors

Constructor and Description
RateLimitingFilter()

Method Summary

Modifier and Type	Method and Description
void	destroy()
void	doFilter(javax.servlet.ServletRequest request, javax.servlet.ServletResponse response, javax.servlet.FilterChain chain)
void	init(javax.servlet.FilterConfig filterConfig)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

RateLimitingFilter

public RateLimitingFilter()

Method Detail

init

public void init(javax.servlet.FilterConfig filterConfig)
          throws javax.servlet.ServletException

Specified by:

init in interface javax.servlet.Filter

Throws:

javax.servlet.ServletException

doFilter

public void doFilter(javax.servlet.ServletRequest request,
                     javax.servlet.ServletResponse response,
                     javax.servlet.FilterChain chain)
              throws java.io.IOException,
                     javax.servlet.ServletException

Specified by:

doFilter in interface javax.servlet.Filter

Throws:

java.io.IOException

javax.servlet.ServletException

destroy

public void destroy()

Specified by:

destroy in interface javax.servlet.Filter